AMENDMENT TO THE CLAIMS:

This listing of claims will replace all prior versions of claims in the application. 

Listing of Claims: 

1-14. (Cancelled) 

15. (Currently Amended) A process for the remote authentication of a user (7) for 
local access to a local machine (4) of a network (5) having a remote server managed by an 
administrator (8) and classification means (6) for classifying information, and communication
means (9) for connecting the user (7) and the administrator (8) comprising: 

creating a challenge (D) capable of being transmitted by the communication means 
(9), the challenge including information representing the type of challenge;

communicating the challenge (D) created to the administrator (8) together with
elements known by the user, via the communication means (9); 

performing a first predetermined calculation by means of the server (3) and obtaining 
a first response (RD) that is a function of at least one of the challenge (D) and/or and of 
predetermined data; 

transmitting to the user (7) the first response (RD); 

performing a second calculation by means of the local machine (4) and obtaining a 
second response (RDl) that is a function of at least one of the challenge (D) and/or and of
predetermined data; and 

comparing the first response (RD) transmitted by the administrator to the second 
response (RDl) calculated by the local machine (4) so as to authenticate the user and 
locally authorize connection of the user (7) to the local machine (4) based on the result of the
comparison. 

16. (Currently Amended) A process according to claim 15, characterized in that 
wherein the first predetermined calculation performed by the server (3) consists of comprises 
modifying, in accordance with a given algorithm, the challenge (D) and/or and at least one of 
the following pieces of data: 

a. ) at least one piece of information issued by the classification means and known by 
the user, 

b. ) at least one secret shared between the server (3) and the local machine (4), and 

c. ) at least one element communicated by the user. 

17. (Currently Amended) A process according to claim 15, characterized in that 
wherein the second calculation performed by the local machine (4) consists of comprises 
modifying, in accordance with a given algorithm, the challenge (D) and/or and at least one of 
the following pieces of data: 

a. ) at least one secret shared between the server and the local machine (4), and 

b. ) at least one element communicated by the user. 

18. (Currently Amended) A process according to claim 16, characterized in that
wherein the second calculation performed by the local machine (4) consists of comprises 
modifying, in accordance with a given algorithm, the challenge (D) and/or at least one of the 
following pieces of data: 
a. ) at least one secret shared between the server (5) and the local machine (4), and

b. ) at least one element communicated by the user. 

19. (Currently Amended) A process according to claim 16, characterized in that 
wherein said at least one shared secret is entered into the server (3) and transmitted to the 
local machine (4) during a successful network authentication. 

20. (Currently Amended) A process according to claim 17, characterized in that
wherein said at least one shared secret is entered into the server and transmitted to the
local machine (4) during a successful network authentication.

21. (Currently Amended) A process according to claim 18, characterized in that
wherein said at least one shared secret is entered into the server (3) and transmitted to the
local machine (4) during a successful network authentication.

22. (Currently Amended) A process according to claim 16, characterized in that 
wherein said at least one shared secret or secrets, as the case may be, are modified by means 
of a modification key (C) that depends on the local machine (4), prior to being modified by 
the algorithm. 

23. (Currently Amended) A process according to claim 22, characterized in that 
wherein the modification key (C) consists of comprises concatenating the secret or a 
combination of secrets existing in the form of a byte string called a Master Station Secret and 
of hashing the byte string obtained through concatenation by means of a calculation
algorithm, to obtain a byte string called a Station Secret. 

24. (Currently Amended) A process according to claim 16, characterized in that 
wherein said at least one shared secret or secrets, as the case may be, are accompanied by a 
version number that is incremented each time the secret is modified. 

25. (Currently Amended) A process according to claim 17, characterized in that
wherein said at least one shared secret or secrets, as the case may be, are accompanied by a
version number that is incremented each time the secret is modified. 

26. (Currently Amended) A process according to claim 18, characterized in that
wherein said at least one shared secret or secrets, as the case may be, are accompanied by a 
version number that is incremented each time the secret is modified. 

27. (Currently Amended) A process according to claim 15, characterized in that 
wherein the challenge is constituted by a byte string. 

28. (Currently Amended) A process according to claim 16, characterized in that
wherein the challenge is constituted by a byte string. 

29. (Currently Amended) A process according to claim 24, characterized in that A
process for the remote authentication of a user for local access to a local machine of a 
network having a remote server managed by an administrator and classification means for
classifying information, and means for connecting the user and the administrator comprising: 

creating a challenge (D) capable of being transmitted by the communication means;

communicating the challenge (D) to the administrator together with elements known
by the user, via the communication means;

performing a first predetermined calculation by means of the server and obtaining a
first response (RD) that is a function of the challenge (D) and/or of predetermined data;

transmitting to the user the first response (RD);

performing a second calculation by means of the local machine and obtaining a
second response (RDl) that is a function of the challenge (D) and/or of predetermined data;
and 

comparing the first response (RD) transmitted by the administrator to the second 
response (RDl) calculated by the local machine so as to authenticate the user and locally 
authorize connection of the user to the local machine based on the result of the comparison, 

wherein the first predetermined calculation performed by the server comprises 
modifying, in accordance with a given algorithm, the challenge (D) and at least one of the 
following pieces of data: 

at least one piece of information issued by the classification means and known by the
user,

at least one secret shared between the server and the local machine, and

at least one element communicated by the user; and

said at least one shared secret or secrets, as the case may be, are accompanied by a
version number that is incremented each time the secret is modified; and
the challenge is composed of comprises:

a first byte representing the type of challenge, the type of challenge indicating 
whether a network authentication has been performed; 

second and third bytes representing the version number of the shared information; and 
random alphanumeric characters of the fourth to twelfth bytes. 

30. (Currently Amended) A process according to claim 27, characterized in that 
A process for the remote authentication of a user for local access to a local machine of a 
network having a remote server managed by an administrator and classification means for 
classifying information, and means for connecting the user and the administrator comprising: 

creating a challenge (D) capable of being transmitted by the communication means;

communicating the challenge (D) to the administrator together with elements known 
by the user, via the communication means; 

performing a first predetermined calculation by means of the server and obtaining a 
first response (RD) that is a function of the challenge (D) and/or of predetermined data;

transmitting to the user the first response (RD);

performing a second calculation by means of the local machine and obtaining a
second response (RDl) that is a function of the challenge (D) and/or of predetermined data;
and 

comparing the first response (RD) transmitted by the administrator to the second 
response (RDl) calculated by the local machine so as to authenticate the user and locally 
authorize connection of the user to the local machine based on the result of the comparison, 
wherein
the challenge is composed of comprises:

a byte string, comprising: 

a first byte representing the type of challenge, the type of challenge indicating 
whether a network authentication has been performed; 

second and third bytes representing the version number of the shared information; and 
random alphanumeric characters of the fourth to twelfth bytes. 

31. (Currently Amended) A process according to claim 23, characterized in that
wherein the response (RD; RDl) is calculated by hashing, in accordance with a calculation
algorithm, a character string composed of comprising the concatenation in a predetermined
order of the challenge, the character string resulting from the transformation by a calculation 
algorithm of the user's password, the Station Secret and the user's name. 

32. (Currently Amended) A process according to claim 15, characterized in that 
wherein the response (RD; RDl) is calculated by hashing, in accordance with a calculation 
algorithm, a character string composed of comprising the concatenation in a predetermined 
order of the challenge, a fixed security key CC stored in the local machine (4) and in the 
server the name of the local machine (4), and the character string resulting from the 
transformation by a calculation algorithm of the user's password and user name. 

33. (Currently Amended) A process according to claim 15, characterized in that
wherein the local connection authorized is temporary, the authorized duration of the local 
connection being configurable. 
34. (Currently Amended) A process according to claim 15, characterized in that it
consists of further comprising locally authenticating the user (7) after a disconnection by the
user (7) authenticated remotely is disconnected from the local machine.

35. (Currently Amended) A system for the remote authentication of a local user
(7) for local access to a local machine of a network (5) having a remote server managed
by an administrator (8) and containing means (6) for classifying information, comprising
communication means (9) for connecting the user (7) with the administrator (8), each local
machine (4) comprising a user authentication module (W) that includes a first user module
for generating a challenge ^44) , the challenge including information representing the type of
challenge, and a second user module for calculating a response to the challenge, and the
remote server comprising an administrative authentication module for authorizing
access by the user to the local machine based on the response generated. 
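
The exchange recited in claims 22-23 and 29-31, as an added illustration that is not part of the application: a 12-byte challenge (type, secret version, nine random alphanumerics), a per-machine Station Secret, and the response RD/RDl compared on the local machine. SHA-256, the type codes "N"/"L", the hex version encoding, the machine name as the machine-dependent value, the length-prefixed fields and the 16-character response are all assumptions; the claims name none of them.

```python
import hashlib
import hmac
import secrets
import string

ALNUM = string.ascii_uppercase + string.digits
TYPES = {"N": "network authentication performed", "L": "never performed"}  # assumed codes

def make_challenge(ctype: str, secret_version: int) -> str:
    """D = type (1 byte) + secret version (2 bytes, hex) + 9 random alphanumerics."""
    if ctype not in TYPES or not 0 <= secret_version <= 0xFF:
        raise ValueError("bad challenge type or version")
    return f"{ctype}{secret_version:02X}" + "".join(secrets.choice(ALNUM) for _ in range(9))

def parse_challenge(d: str) -> tuple[str, int, str]:
    """Reject anything that is not a well-formed 12-byte challenge before using it."""
    if len(d) != 12 or not (d.isascii() and d.isalnum()) or d[0] not in TYPES:
        raise ValueError("malformed challenge")
    return d[0], int(d[1:3], 16), d[3:]

def station_secret(master: bytes, machine: str) -> bytes:
    """Station Secret: hash of the Master Station Secret and a machine-dependent value."""
    return hashlib.sha256(master + b"\x00" + machine.encode()).digest()

def transform_password(password: str) -> bytes:
    return hashlib.sha256(password.encode()).digest()  # stand-in for the unspecified transform

def response(d: str, pw_transform: bytes, st_secret: bytes, user: str) -> str:
    """RD / RDl: hash over challenge, transformed password, Station Secret, user name."""
    h = hashlib.sha256()
    for field in (d.encode(), pw_transform, st_secret, user.encode()):
        h.update(len(field).to_bytes(2, "big") + field)  # length prefix: no field ambiguity
    return h.hexdigest()[:16].upper()  # shortened so it can be read out to the user

def server_answer(d, masters_by_version, machine, pw_transform, user) -> str:
    """Server side: the version bytes in D select which shared secret to use."""
    _, version, _ = parse_challenge(d)
    return response(d, pw_transform, station_secret(masters_by_version[version], machine), user)

def local_verify(d, rd, local_st_secret, pw_transform, user) -> bool:
    """Local machine: recompute RDl and compare it to RD in constant time."""
    parse_challenge(d)
    rdl = response(d, pw_transform, local_st_secret, user)
    return hmac.compare_digest(rd.strip().upper().encode(), rdl.encode())
```

Because the version travels inside the challenge, a response computed from a superseded secret fails on a machine that already holds the newer one, and the random bytes make each response single-use only if the local machine also discards a challenge once it has been answered.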



